Forums / Suggestions / Enhancing Document Management features

Enhancing Document Management features

« 
Previous topic
|
Suggestions
|
Next topic
 »
Author Message

Hakim Bouras

Wednesday 14 February 2007 12:36:40 am

Hi,

Unless I missed something, ezPublish (last version tested 3.9) miss two critical features about Document Management:

- SECURITY: any files uploaded are accessible to anyone knowing the URL (anonymous user). The security only applies to the container (File object, or image ...) but not to the file itself

- VERSIONNING: files uploaded are not versionned, only the container (File object, or image ...) is

Do we have a chance to see these issues addressed in the next versions of ezPublish?

Thanks,
Hakim

Kristof Coomans

Wednesday 14 February 2007 2:29:45 am

Hi Hakim

- SECURITY: if you configure eZ publish correctly (see http://ez.no/doc/ez_publish/technical_manual/3_8/installation/virtual_host_setup#comment6751 ) then binary files are not directly accessible, instead they need to be downloaded through the content/download view, which checks the read (or versionread) policy on the file content object.

- VERSIONING: files uploaded ARE versioned

Also see http://ezpedia.org/wiki/en/ez/file

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

Xavier Dutoit

Wednesday 14 February 2007 5:24:59 am

Hi,

The preview view for the file for a specific (archived) version doesn't display the correct link but the latest one, no matter the version (at least on the version I've tried on) . However, if you do a diff between two versions, it's going to show the correct urls for both of them (content/download...) and you can download the previous version.

X+

http://www.sydesy.com

Hakim Bouras

Thursday 15 February 2007 4:33:50 am

Well, I missed something... Thank you for your replies.

In order to enhance the Document Management features, I will then propose:

- to include two levels of versions (which will help to keep a meaningfull history)
- major versions (1.x, 2.x, 3.x, ...) for important changes
- minor versions (x.0, x.1, x.2, ...) for small changes

- to include the possibility to flag some versions as "Archive" so that they do not get automatically recycled

Hakim

Stephen Boals

Sunday 25 February 2007 6:58:01 am

Great articles on security requirements on CM/DM systems:

-edited: link removed (spam)-

eZ debug

Timing: Jan 18 2025 04:15:13
Script start
Timing: Jan 18 2025 04:15:13
Module start 'content'
Timing: Jan 18 2025 04:15:14
Module end 'content'
Timing: Jan 18 2025 04:15:14
Script end

Main resources:

Total runtime0.7863 sec
Peak memory usage4,096.0000 KB
Database Queries204

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0069 588.9453180.8281
Module start 'content' 0.00690.6429 769.7734643.5078
Module end 'content' 0.64980.1364 1,413.2813338.8750
Script end 0.7862  1,752.1563 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00450.5729210.0002
Check MTime0.00160.2025210.0001
Mysql Total
Database connection0.00090.118510.0009
Mysqli_queries0.706889.89202040.0035
Looping result0.00200.25212020.0000
Template Total0.742894.520.3714
Template load0.00210.262420.0010
Template processing0.740794.202420.3703
Template load and register function0.00010.010210.0001
states
state_id_array0.00981.243710.0098
state_identifier_array0.00180.229120.0009
Override
Cache load0.00170.2200340.0001
Sytem overhead
Fetch class attribute can translate value0.00140.177350.0003
Fetch class attribute name0.00120.152080.0001
XML
Image XML parsing0.00160.200750.0003
class_abstraction
Instantiating content class attribute0.00000.002390.0000
General
dbfile0.00260.3303390.0001
String conversion0.00000.000930.0000
Note: percentages do not add up to 100% because some accumulators overlap

CSS/JS files loaded with "ezjscPacker" during request:

CacheTypePacklevelSourceFiles
CSS0extension/community/design/community/stylesheets/ext/jquery.autocomplete.css
extension/community_design/design/suncana/stylesheets/scrollbars.css
extension/community_design/design/suncana/stylesheets/tabs.css
extension/community_design/design/suncana/stylesheets/roadmap.css
extension/community_design/design/suncana/stylesheets/content.css
extension/community_design/design/suncana/stylesheets/star-rating.css
extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css
extension/community_design/design/suncana/stylesheets/buttons.css
extension/community_design/design/suncana/stylesheets/tweetbox.css
extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css
extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css
extension/sevenx/design/simple/stylesheets/star_rating.css
extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css
extension/sevenx/design/simple/stylesheets/main.v02.css
extension/sevenx/design/simple/stylesheets/main.v02.res.css
JS0extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js
extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js
extension/community_design/design/suncana/javascript/jquery.ui.core.min.js
extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js
extension/community_design/design/suncana/javascript/jquery.easing.1.3.js
extension/community_design/design/suncana/javascript/jquery.ui.tabs.js
extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js
extension/community_design/design/suncana/javascript/jquery.popmenu.js
extension/community_design/design/suncana/javascript/jScrollPane.js
extension/community_design/design/suncana/javascript/jquery.mousewheel.js
extension/community_design/design/suncana/javascript/jquery.cycle.all.js
extension/sevenx/design/simple/javascript/jquery.scrollTo.js
extension/community_design/design/suncana/javascript/jquery.cookie.js
extension/community_design/design/suncana/javascript/ezstarrating_jquery.js
extension/community_design/design/suncana/javascript/jquery.initboxes.js
extension/community_design/design/suncana/javascript/app.js
extension/community_design/design/suncana/javascript/twitterwidget.js
extension/community_design/design/suncana/javascript/community.js
extension/community_design/design/suncana/javascript/roadmap.js
extension/community_design/design/suncana/javascript/ez.js
extension/community_design/design/suncana/javascript/ezshareevents.js
extension/sevenx/design/simple/javascript/main.js

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1node/view/full.tplfull/forum_topic.tplextension/sevenx/design/simple/override/templates/full/forum_topic.tplEdit templateOverride template
4content/datatype/view/ezimage.tpl<No override>extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tplEdit templateOverride template
5content/datatype/view/ezxmltext.tpl<No override>extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tplEdit templateOverride template
7content/datatype/view/ezxmltags/paragraph.tpl<No override>extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tplEdit templateOverride template
2content/datatype/view/ezxmltags/line.tpl<No override>design/standard/templates/content/datatype/view/ezxmltags/line.tplEdit templateOverride template
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 20
 Number of unique templates used: 6

Time used to render debug report: 0.0001 secs